Launching OSV – Better vulnerability triage for open source
Posted by Oliver Chang and Kim Lewandowski, Google Security Team We are excited to launch OSV (Open Source Vulnerabilities), our first step towards improving vulnerability triage for developers and consumers…
New Chrome Browser 0-day Under Active Attack—Update Immediately!
Google has patched a zero-day vulnerability in Chrome web browser for desktop that it says is being actively exploited in the wild. The company released 88.0.4324.150 for Windows, Mac, and…
Google Chrome sync feature can be abused for C&C and data exfiltration
A security researcher has found a malicious Chrome extension in the wild abusing the Chrome Sync process. Read more from the Source
Unpatched Vulnerability: 50,000 WP Sites Must Find Alternative for Contact Form 7 Style
On December 9, 2020, the Wordfence Threat Intelligence team discovered a Cross-Site Request Forgery (CSRF) to Stored Cross Site Scripting (XSS) vulnerability in Contact Form 7 Style, a WordPress plugin…